专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20090313397A1 Methods and Systems for Protecting Data in USB Systems 审中-公开
标题翻译： USB系统数据保护方法与系统
公开(公告)号：US20090313397A1
公开(公告)日：2009-12-17
申请号：US12348487
申请日：2009-01-05
申请人： Paul England , Kenneth D. Ray , Marcus Peinado , John C. Dunn , Glen Slick , Bryan Willman
发明人： Paul England , Kenneth D. Ray , Marcus Peinado , John C. Dunn , Glen Slick , Bryan Willman
IPC分类号： G06F13/28
CPC分类号： G06F12/1408 , G06F3/065 , G06F13/28 , G06F13/362 , G06F13/4282 , G06F21/606 , G06F21/72 , G06F21/73 , G06F21/78 , G06F21/85 , G06F2212/1052 , G06F2221/0704 , G06F2221/2105 , G06F2221/2129 , G06F2221/2147 , G06F2221/2153
摘要： The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.
摘要翻译：下面描述的各种实施例旨在从在USB总线上操作的I / O设备到主机（例如安全软件应用或安全内核）上执行的软件提供经认证和保密的消息传递。这些实施例可以防止在主计算机上执行的软件所征收的攻击。在一些实施例中，提供了安全的功能部件或模块，并且可以使用加密技术来提供对USB数据的观察和操纵的保护。在其他实施例中，USB数据可以通过不被利用（或不需要利用）加密技术的技术来保护。根据这些实施例，USB设备可以被指定为“安全”，因此，可以通过USB向这些指定设备发送和从这些指定设备发送的数据提供到受保护的存储器中。可以利用内存间接技术来确保进出安全设备的数据受到保护。

12. 发明授权

US07587589B2 Saving and retrieving data based on symmetric key encryption 有权
标题翻译：基于对称密钥加密保存和检索数据
公开(公告)号：US07587589B2
公开(公告)日：2009-09-08
申请号：US11557641
申请日：2006-11-08
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： H04L29/06
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.
摘要翻译：根据某些方面，从呼叫程序接收数据。使用对称密码，以允许只有一个或多个目标程序能够从密文获得数据的方式生成包含数据的密文。根据其他方面，从呼叫程序接收到位串。检查调用程序的标识符以确定是否允许调用程序访问以位串的密文加密的数据。还验证数据的完整性，并使用对称密钥对数据进行解密。只有当主叫程序被允许访问数据并且数据的完整性被成功验证时，才将数据返回给调用程序。

13. 发明申请

US20090183261A1 MALWARE DETECTION WITH TAINT TRACKING 有权
标题翻译：恶意跟踪检测
公开(公告)号：US20090183261A1
公开(公告)日：2009-07-16
申请号：US12013475
申请日：2008-01-14
申请人： Marcus Peinado , Luis Irun-Briz , Laurent S. Visconti , Mark L. Niehaus , Nikola Livic
发明人： Marcus Peinado , Luis Irun-Briz , Laurent S. Visconti , Mark L. Niehaus , Nikola Livic
IPC分类号： G06F21/00 , G06F17/00
CPC分类号： G06F21/565
摘要： Malware may be identified based on attempts to use tainted data in certain ways, such as by attempting to execute the tainted data, by attempting to modify execution control based on tainted data, or by attempting to apply an existing function to the tainted data. A data's taint is determined based on the location from which the data originates. When data from a tainted source is moved to an otherwise non-tainted destination, the taint may be propagated from the source to the destination, to indicate that the destination is now of unknown safety. A component may be used to observe the operation of a process, in order to determine what data is being moved with respect to the process, and how that data is being used.
摘要翻译：可以基于尝试以某些方式使用污染数据，例如通过尝试通过尝试基于污染数据修改执行控制或通过尝试将已有功能应用于污染数据来执行污染数据来识别恶意软件。基于数据来源的位置确定数据的污点。当来自污染源的数据被移动到另外没有污染的目的地时，污点可以从源传播到目的地，以指示目的地现在是未知的安全的。可以使用组件来观察进程的操作，以便确定相对于进程移动什么数据以及如何使用该数据。

14. 发明授权

US07529927B2 Specifying security for an element by assigning a scaled value representative of the relative security thereof 有权
标题翻译：通过分配代表其相对安全性的缩放值来指定元素的安全性
公开(公告)号：US07529927B2
公开(公告)日：2009-05-05
申请号：US10980743
申请日：2004-11-03
申请人： Marcus Peinado , Rajasekhar Abburi , Jeffrey R. C. Bell
发明人： Marcus Peinado , Rajasekhar Abburi , Jeffrey R. C. Bell
IPC分类号： H04L9/00
CPC分类号： H04L63/0442 , G06F21/10 , G06F21/71 , G06F21/84 , G06F2211/007 , G06F2221/0797 , G06F2221/2105 , G06F2221/2107 , G06F2221/2137 , G06Q30/06 , G07F11/002 , H04L63/068 , H04L63/0823 , H04L63/12 , H04L2463/101
摘要： To determine whether digital content can be released to an element such as a computer application or module, a scaled value representative of the relative security of the element is associated therewith, and the digital content has a corresponding digital license setting forth a security requirement. The security requirement is obtained from the digital license and the scaled value is obtained from the element, and the scaled value of the element is compared to the security requirement of the digital license to determine whether the scaled value satisfies the security requirement. The digital content is not released to the element if the scaled value does not satisfy the security requirement.
摘要翻译：为了确定数字内容是否可以释放到诸如计算机应用或模块的元素，代表元素的相对安全性的缩放值与其相关联，并且数字内容具有阐明安全性要求的对应数字许可。安全要求是从数字许可获得的，从元素中获取标定值，将元素的比例值与数字许可证的安全性要求进行比较，以确定缩放值是否满足安全要求。如果缩放的值不满足安全要求，则数字内容不会释放到元素。

15. 发明授权

US07457964B2 Trusted path for transmitting content thereon 有权
标题翻译：用于在其上传送内容的可信路径
公开(公告)号：US07457964B2
公开(公告)日：2008-11-25
申请号：US10771888
申请日：2004-02-04
申请人： Andrew John Thornton , John E. Paff , Marcus Peinado , Thekkthalackal Varugis Kurien
发明人： Andrew John Thornton , John E. Paff , Marcus Peinado , Thekkthalackal Varugis Kurien
IPC分类号： H04K1/00 , H04L9/00
CPC分类号： G06F21/10 , G06F21/606 , G06F2221/2129
摘要： A method is provided for a processor of a computing device to obtain a trusted identification of a hardware peripheral of the computing device, for the computing device and the peripheral to derive a set of shared keys, and for the processor to send trusted data to the peripheral.
摘要翻译：提供了一种用于计算设备的处理器以获得计算设备的硬件外围设备的可信标识的方法，用于计算设备和外围设备以导出一组共享密钥，并且为了使处理器将可信数据发送到外围设备

16. 发明授权

US07266660B2 Protection of content stored on portable memory from unauthorized usage 有权
标题翻译：保护存储在便携式存储器上的内容免于未经授权的使用
公开(公告)号：US07266660B2
公开(公告)日：2007-09-04
申请号：US11406180
申请日：2006-04-17
申请人： Marcus Peinado
发明人： Marcus Peinado
IPC分类号： G06F12/14
CPC分类号： G06F21/10
摘要： A device for securely recording protected content to a portable memory, and for reading the protected content therefrom. The device includes a feature that makes it adapted to read or write specially-configured portable memories that are incompatible with standard read/write devices. For example, the device may be designed to work with memories having an unusual shape or size, or may manipulate the data in a non-standard way before storing it on the memory. The read/write devices are trusted components that will only handle the protected content in accordance with rules governing the content. The feature included in the device is preferably a proprietary and/or hardware feature, so that counterfeit devices incorporating the feature cannot be built without overcoming economic and/or legal hurdles. Because of the hurdles to building devices compatible with the specially-configured portable memory, protected content can be transferred to such a memory with reasonable assurance that the content will not be widely copied.
摘要翻译：一种用于将受保护内容安全地记录到便携式存储器并用于从其读取受保护内容的装置。该设备包括一个功能，使其适合于读取或写入与标准读/写设备不兼容的特殊配置的便携式存储器。例如，设备可以被设计为与具有不寻常形状或尺寸的存储器一起工作，或者可以在将其存储在存储器之前以非标准方式操纵数据。读/写设备是只能根据管理内容的规则处理受保护内容的受信任组件。设备中包括的特征优选地是专有和/或硬件特征，使得并入该特征的假冒设备不能克服经济和/或法律障碍。由于构建与特殊配置的便携式存储器兼容的设备的障碍，受保护的内容可以被合理地保证内容不会被广泛地复制到这样的存储器中。

17. 发明授权

US07243230B2 Transferring application secrets in a trusted operating system environment 有权
标题翻译：在受信任的操作系统环境中传送应用程序秘密
公开(公告)号：US07243230B2
公开(公告)日：2007-07-10
申请号：US09993340
申请日：2001-11-16
申请人： Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
发明人： Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
IPC分类号： H04L9/00
CPC分类号： G06F21/57 , G06F21/606
摘要： Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.
摘要翻译：在受信任的操作系统环境中传送应用程序秘密涉及接收将应用数据从源计算设备传送到目的地计算设备的请求。检查应用数据是否可以传送到目的地计算设备，如果是，可以在用户或第三方的控制下传送应用数据。如果这些检查成功，还要检查目的地计算设备是否是运行已知可靠软件的值得信赖的设备。还从适当的用户或第三方接收输入以控制将应用数据传送到目的地计算设备。此外，应用数据以便于确定是否可以传送应用数据的方式存储在源计算设备上，并且如果可以传送应用数据便于传送应用数据。

18. 发明授权

US07203313B2 Protecting decrypted compressed content and decrypted decompressed content at a digital rights management client 失效
标题翻译：在数字版权管理客户端保护解密的压缩内容和解密的解密内容
公开(公告)号：US07203313B2
公开(公告)日：2007-04-10
申请号：US11176661
申请日：2005-07-07
申请人： Paul England , Marcus Peinado , Mukund Sankaranarayan
发明人： Paul England , Marcus Peinado , Mukund Sankaranarayan
IPC分类号： H04N7/167 , G06F21/00
CPC分类号： G06F21/10
摘要： Theft of decompressed digital content as the content is being rendered is prevented. A requested slow-down of the rendering of the content is detected. Transfers of relatively large amounts of data are detected. A re-compressor-based requested slow-down of the rendering of the content is detected. A re-compressor re-compressing the content is detected. In each situation, the detected activity is presumably initiated by a content thief attempting to steal the content. In each situation, the detected activity is responded to in a manner designed to frustrate the presumed attempt of the content thief to steal the content.
摘要翻译：防止正在呈现内容的解压缩数字内容的盗窃。检测到请求的内容呈现的减慢。检测到相对大量数据的传输。检测到基于重新压缩的请求的内容呈现的减慢。检测到重新压缩内容的再压缩。在每种情况下，检测到的活动大概是由试图窃取内容的内容窃贼发起的。在每种情况下，检测到的活动都以一种旨在阻止内容窃贼窃取内容的推定尝试的方式作出回应。

19. 发明授权

US07203310B2 Methods and systems for cryptographically protecting secure content 有权
标题翻译：用于密码保护安全内容的方法和系统
公开(公告)号：US07203310B2
公开(公告)日：2007-04-10
申请号：US10124922
申请日：2002-04-18
申请人： Paul England , Marcus Peinado , Nicholas P. Wilt
发明人： Paul England , Marcus Peinado , Nicholas P. Wilt
IPC分类号： H04N7/167
CPC分类号： G06F21/83 , G06F21/64 , G06F21/79
摘要： Methods and systems are provided for cryptographically protecting secure content in connection with a graphics subsystem of a computing device. Techniques are implemented to encrypt the contents of video memory so that unauthorized software cannot gain meaningful access to it, thereby maintaining confidentiality. Moreover, a mechanism for tamper detection is provided so that there is awareness when data has been altered in some fashion, thereby maintaining integrity. In various embodiments, the contents of overlay surfaces and/or command buffers are encrypted, and/or the GPU is able to operate on encrypted content while preventing its availability to untrusted parties, devices or software.
摘要翻译：提供了与计算设备的图形子系统相关联地加密地保护安全内容的方法和系统。实现技术来加密视频存储器的内容，使得未经授权的软件不能获得对其的有意义的访问，从而保持机密性。此外，提供用于篡改检测的机制，使得当数据以某种方式被改变时，意识到，从而保持完整性。在各种实施例中，覆盖表面和/或命令缓冲器的内容被加密，和/或GPU能够对加密内容进行操作，同时防止其对不信任方，设备或软件的可用性。

20. 发明授权

US07137004B2 Manifest-based trusted agent management in a trusted operating system environment 有权
公开(公告)号：US07137004B2
公开(公告)日：2006-11-14
申请号：US09993370
申请日：2001-11-16
申请人： Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
发明人： Paul England , Marcus Peinado , Daniel R. Simon , Josh D. Benaloh
IPC分类号： H04L9/00
CPC分类号： G06F21/54 , G06F21/53 , G06F21/57
摘要： Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式